Passed on 04/07 -- details, advice

1. Journey is worthwhile -- I am a better IT professional for the prep experience.
2. Vast majority of qns were 1000 ft level (remember: domain is "mile wide, inch deep").
3. Prep per the objectives and to *understand* (not just memorize), then you will pass no problem.

For exam takers - my exam experience:

* About 40-50% scenario qns, w/bias toward access control, IPSec, vulnerabilities, IDS
* Some general symmetric/asymmetric key, but surprisingly few specific cryptography qns
* 3 port qns, 3 certificate qns, a few firewall, & 8-10 straight-forward protocol qns, 1 repeat qn
* A few qns with unfamiliar terms or concepts
* Maybe 4-5 multiple selection qns
* A few qns with no answer correct or that made no sense
* A few qns that require a bit of thought
* My apptmt said 120 min exam, but computer only gave me 90 min

During your exam:

* Mark & keep count of 3 qn categories: 1) 50/50 guess; 2) total guess; 3) non-sense qns
* Try to answer every qn 1st time through, even if you are not 100% sure
* On review, avoid changing 1st answer, except if you have pro/con "ah-ha!" moment
* Nerves & scenario qns will make you over-mark; don't! You will lose review time at end
* Don't panic with unfamiliar terms & concepts (eliminate by process, make best guess)
* Don't worry over obvious nonsense qns (these are probably non-scored)
* For qns that require some thought, give 45 sec max 1st time, guess, mark & return at end
* If after 1st time thru: <30 tallied = good shape; <20 tallied = great shape
* If time permits, do full review after you've reviewed marked qns

Can I pass the exam with Sybex book alone and Sybex practice exams????

right now i am scoring 90%+ on all the chapter exams.

I have a firm understanding of all the principles, have memorized the port numbers.

My main worry is how much depth is needed for protocols such as IPSec, SSL, PGP, etc..

Do we have to remember the connection establishment and sequence of each protocol?

For example, TCP uses 3 way hanshake which everybody knows.

How about SSL and PGP? SHould I remember those protocols?

Thank you

Let me say this before responding specifically to your qns:

Take three of the exams I listed (excluding sybex); if you score at least low- to mid-80s for each, then you are ready, imho. Treat techexams 1, 2 & 3 as single exam.

Remember -- test is not deep (would have to be 200+ qns for depth); just broad. Now specific remarks:

Sybex probably gets an experienced, hands-on person close to a pass; greater direct experience likely translates to greater comfort margin. Sybex was wholly inadequate for my exam's heavy access control & IPSec bias. I scored about 91% overall on chapters, 86% on its practice exams. Syngress qns were ridiculously wordy, but they helped my thought process much more than sybex.
Remembering port numbers should get you 4-5 easy answers. After my original post, I recalled that I had five (5) port number qns, not three.
Understanding protocols like IPSec, SSL, PGP, SSH, etc. and their roles was *much* more important for my exam (especially IPSec) than cryptography specifics. Also, IKE, AH & ESP frameworks are must-know.
Know TCP/IP protocol vulnerabilities (including those related to TCP handshake); this will make another 4-5 qns easy to answer.